Account and Support

Making Spam Expensive

Junk e-mailers shell out computing time.

People love e-mail because it’s easy and cheap. People hate spam-junk e-mail-well, because it’s easy and cheap. At roughly a hundredth of a cent per message, a spammer can blast a million e-mails promoting ways to make money for a mere $100 initial investment. With such an economical advertising medium, it’s hard for spammers not to recover their money. Unless, of course, they have to pay more for their trouble-a concept now being pursued at Microsoft.

This story is part of our April 2003 issue

Tools aimed at stemming the tide of electronic junk mail have proliferated recently, and most approaches rely on various filtering techniques. One common method is to search the subject line for certain words and such phrases as “eliminate debt” or “work from home.” But those filters can also screen out legitimate e-mail that happens to contain the trigger words and can send critical e-mail unread to the “junk” folder, costing businesses dearly. That’s why programmers have been looking for spam-blocking techniques that don’t depend on message content.

Microsoft’s concept is simple: make the sender’s computer devote processor cycles to solving a mathematical problem. Incoming e-mail from an unknown sender gets delivered only once the recipient’s computer verifies that a specific problem has been solved. “Computer time is money,” says Cynthia Dwork, a Microsoft researcher who helped originate the idea while she was working at IBM. This cost won’t overload legitimate mailers, who send only a few messages at a time, but it could be daunting for a spammer.

Over the last year, Joshua Goodman at Microsoft Research in Redmond, WA, has been working on ways to implement Dwork’s idea. The challenge assigned by the recipient’s computer, says Goodman, might be to solve a mathematical function that uses inputs such as the sender’s name, recipient’s name, time, and the content of the message itself as variables. Such an operation would typically take 10 seconds of computer time, says Dwork. That would limit a computer to sending some 8,000 e-mails a day-plenty for an individual but not enough to make it worth a spammer’s while. For legitimate mass e-mail such as newsletters, subscribers could create rosters of known senders whose messages would be allowed through without their having to punch the computational ticket.

A similar project called Camram is under way in the open-source software community, says coordinator Eric S. Johansson. Goodman says, “We want to drive up the cost of using e-mail-not for the ordinary user but for the spammer.”